Download presentation
Presentation is loading. Please wait.
Published byGladys Barber Modified over 9 years ago
1
Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®
2
Page 1 3GPP2-S00-20010611-046A Secrecy and Integrity Control Security (Secrecy/Privacy) of Users’ Information u Any information generated by or for a user, for any IP multimedia application, shall be provided with strong privacy and secrecy Security against modifying Users’ Messages (Integrity) u Any information generated by or for a user for any IP multimedia application, shall be provided with integrity and be protected from any unauthorized modification Security of Users’ Profile u Users’ Profile, Identity, Location & Signaling shall not be leaked out at any cost both, by visiting or home network to unauthorized agency. It demands security algorithms to be interoperable and compatible worldwide and yet to be trustworthy.
3
Page 2 3GPP2-S00-20010611-046A Security against Misusing Services Authentication at the Start of Session u Security algorithm shall authenticate the users right at the start of the session and immediately terminate the unauthorized users to prevent network resources from being unnecessarily engaged Secured QoS u Security algorithm shall refrain the users to steal QoS of contemporary users Protection against Malicious Adversary for Misusing Services u Network shall be robust & shall not allow any false & unregistered user to have fraudulent access to services and cheat the network operator Protection against Customer Fraud u Network shall be robust & shall not allow fraudulent impersonation to steal services and cheat the other users
4
Page 3 3GPP2-S00-20010611-046A Security against sabotaging Network Performance Protection against Attacks u viral attacks that may lead to impair/corrupt database or ruin operator’s reputation u All infrastructure equipment shall be protected from any sort of attacks that may corrupt the database or impair Network performance Protection against unauthorised modifications in network database u unauthorised modification of database u unauthorised modification that registered user may do while downloading services like OTASPA or SAT.
5
Page 4 3GPP2-S00-20010611-046A Security against sabotaging Network Infrastructure Secure Infrastructure between Network Operators u There shall be a secure infrastructure between network operators. Secure Infrastructure against All Users u There shall be a secure infrastructure against users SIM/RUIM Safety u SIM/RUIM be protected against any unauthorized modification of user-related data which is stored or processed by a provider. Protection against Theft u Network shall determine the stolen terminals and bar them from accessing 3G services.
6
Page 5 3GPP2-S00-20010611-046A Security of User Information Confidentiality u Any information related to users - protection against any unauthorized disclosure Integrity u Any information related to users shall be protected against any unauthorized modification Security of Users’ Profile u Users’ Profile, Identity, Location & Signaling shall be protected by Visiting and Home network from unauthorized agency
7
Page 6 3GPP2-S00-20010611-046A Security of Message Traversed Across Network Confidentiality u Any information traveled over the network (RAN and Core) shall be protected against any unauthorized disclosure Integrity u Any information traveled over the network (RAN and Core) shall be protected against any unauthorized modification Peer-to-peer Authentication u Network must be capable of authenticating the sender of the packets
8
Page 7 3GPP2-S00-20010611-046A Security of Network Infrastructure Secure Infrastructure between Network Operators Secure Infrastructure against Malicious Users SIM/RUIM Safety u SIM/RUIM be protected against any unauthorized modification of user-related data which is stored or processed by a provider.
9
Page 8 3GPP2-S00-20010611-046A Security of Network Database Protection against Attacks u protect against viral attacks that may lead to impair/corrupt database or ruin operator’s reputation u All infrastructure equipment - protection from any sort of attacks that may corrupt network databases Protection against unauthorised modifications in network database u protection from any unauthorised modification of database by intruders u unauthorised modification that registered user may do while downloading services like OTASPA or SAT.
10
Page 9 3GPP2-S00-20010611-046A Security of Services User Authentication u security mechanism to authenticate the users right at the start of the session and immediately terminate the unauthorized users from being engaged network network resources and services Protection of QoS Services u protection to prevent misuse of QoS Services (e.g., steal QoS from others, etc.) Protection against Malicious Adversary of Misusing Services u protection from any false & unregistered user from using network
11
Page 10 3GPP2-S00-20010611-046A Security of Services (cont.) Protection against Customer Fraud u fraudulent impersonation of stealing services from other users Protection against Theft u guarding access of 3G services Protection of Denial of Services u attacks (e.g., viral attack) that may lead to impair network from providing services or to totally disable services
12
Page 11 3GPP2-S00-20010611-046A Detection Of Security Breaches Intelligent Security Algorithm and Audit Data u detecting security breaches through monitoring/recording subscribers usage pattern and their traffic details in the event when security violation incident had occurred u trace the origin of unauthorized user, keep record (Audit Data) Protection of Audit Data
13
Page 12 3GPP2-S00-20010611-046A Other Considerations Transparent Legal Intercept u Secured tracking of possibly fair subscribers, but legal culprits shall be possible and shall be transparent to user for the purpose of Lawful Interception User’s Confidence u To enhance users' confidence on operator, they may be made able to counter check whether or not their call related information is secure. However legal intercept shall still be transparent Service Interruption for Defaulter u Barring services for defaulters shall also be possible
14
Page 13 3GPP2-S00-20010611-046A Other Considerations (2/2) Location/Push Services be Discretionary u Disclosure of location information of a user to the 3rd party shall be on user's discretion u Disclosure of user profile to the 3rd party for offering him push services shall be on user's discretion Future-Proof Network against Unforeseen Threats u Analyse architecture for future-proof allowing security features enhancements as demanded by new services or unforeseen threats
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.